<%@page import="org.email4java.consumer.NonceVerifier"%>
<%@ page session="true"%>
<%@ page
	import="org.email4java.discovery.Identifier,org.email4java.discovery.DiscoveryInformation,org.email4java.message.ax.FetchRequest,org.email4java.message.ax.FetchResponse,org.email4java.message.ax.AxMessage,org.email4java.message.*,org.email4java.emailException,java.util.List,java.io.IOException,javax.servlet.http.HttpSession,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,org.email4java.consumer.ConsumerManager,org.email4java.consumer.InMemoryConsumerAssociationStore,org.email4java.consumer.VerificationResult"%>
<%@ page import="org.biojava.services.das.dao.RegistryUser"%>
<%@ page import="org.email4java.consumer.*"%>
<%@ page import="org.biojava.services.das.registry.UserManager"%>
<%@ page import="net.sf.ehcache.*"%>
<%@ page import="org.email4java.consumer.*"%>
<%@ page import="dasregistry.RegistryEhCache"%>
<%@ page import="org.email4java.message.sreg.*"%>
<%@ page import="org.email4java.util.*"%>
<%@ page import="java.util.*"%>
<jsp:directive.page import="org.springframework.beans.factory.BeanFactory"/>
<jsp:directive.page import="org.springframework.context.support.ClassPathXmlApplicationContext"/>
<%@ page session="true" %>
<%@ include file="sangerheader.jsp"%>
<%@ page import="org.email4java.discovery.Identifier, org.email4java.discovery.DiscoveryInformation, org.email4java.message.ax.FetchRequest, org.email4java.message.ax.FetchResponse, org.email4java.message.ax.AxMessage, org.email4java.message.*, org.email4java.emailException, java.util.List, java.io.IOException, javax.servlet.http.HttpSession, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.email4java.consumer.ConsumerManager, org.email4java.consumer.InMemoryConsumerAssociationStore, org.email4java.consumer.VerificationResult" %>

<%
//change this to session so we get it back from our memcached rather than risk getting an application scope back that may not be from this server
    ConsumerManager manager=(ConsumerManager) session.getAttribute("consumermanager");

if(manager==null){
	System.out.println("consumer manager is null");
	manager=new ConsumerManager();
}
try
        {
            // --- processing the authentication response

            // extract the parameters from the authentication response
            // (which comes in as a HTTP request from the email provider)
            ParameterList responselist =
                    new ParameterList(request.getParameterMap());

            // retrieve the previously stored discovery information
            DiscoveryInformation discovered =
                    (DiscoveryInformation) session.getAttribute("email-disco");

            // extract the receiving URL from the HTTP request
            StringBuffer receivingURL = request.getRequestURL();
            String queryString = request.getQueryString();
            if (queryString != null && queryString.length() > 0)
                receivingURL.append("?").append(request.getQueryString());

            // verify the response; ConsumerManager needs to be the same
            // (static) instance used to place the authentication request
            VerificationResult verification = manager.verify(
                    receivingURL.toString(),
                    responselist, discovered);

            // examine the verification result and extract the verified identifier
            Identifier verified = verification.getVerifiedId();
         //System.out.println("verifier="+verified.getIdentifier());
            if (verified != null)
            {
            	System.out.println("verifier isn't null");
                AuthSuccess authSuccess =
                        (AuthSuccess) verification.getAuthResponse();

                session.setAttribute("email", authSuccess.getIdentity());
                session.setAttribute("email-claimed", authSuccess.getClaimed());
                response.sendRedirect("loginFirstAction.jsp");  // success
            }
            else
            {
            	//session.invalidate();
%>			
            Failed to login!
<%
            }
        }
        catch (emailException e)
        {
        	//session.invalidate();
%>
            Login error!
<%
            // present error to the user
        }

%>
